| commit | 8db7f450d52539b4c72ee968384911b6813ad1e7 | |
| author | Jan Kundrát <jkt@kde.org> | |
| Thu, 25 Jun 2020 19:39:34 +0000 (25 21:39 +0200) | ||
| committer | Jan Kundrát <jkt@kde.org> | |
| Fri, 26 Jun 2020 10:29:56 +0000 (26 12:29 +0200) | ||
| tree | 94c0651629cbd7fbefd5e934c95581aeefa678cb | treesnapshot (tar.gz zip) |
| parent | 4317aba9fef12810bf5466f310de5cba830144a9 | commitdiff |
Prevent a possible decryption oracle attack
Thanks to Jens Mueller (Ruhr-Uni Bochum and FH Münster) for reporting
this. The gist is that an attacker can embed arbitrary ciphertext into
their messages. Trojita decrypts that, and when we hit reply, the
original *cleartext* gets quoted and put into a reply for the attacker
to see.
Fix this by not quoting any plaintext which originated in an encrypted
message. That's pretty draconian, but hey, it works and we never came up
with any better patch. Also, given that Trojita does not encrypt
outgoing messages yet, this is probably also a conservative thing to do.
Change-Id: I84c45b9e707eb7c99eb7183c6ef59ef41cd62c43
CVE: CVE-2019-10734
BUG: 404697
Thanks to Jens Mueller (Ruhr-Uni Bochum and FH Münster) for reporting
this. The gist is that an attacker can embed arbitrary ciphertext into
their messages. Trojita decrypts that, and when we hit reply, the
original *cleartext* gets quoted and put into a reply for the attacker
to see.
Fix this by not quoting any plaintext which originated in an encrypted
message. That's pretty draconian, but hey, it works and we never came up
with any better patch. Also, given that Trojita does not encrypt
outgoing messages yet, this is probably also a conservative thing to do.
Change-Id: I84c45b9e707eb7c99eb7183c6ef59ef41cd62c43
CVE: CVE-2019-10734
BUG: 404697
| src/Cryptography/GpgMe++.cpp | diffblobblamehistory | |
| src/Gui/MessageView.cpp | diffblobblamehistory | |
| src/Gui/PartWidget.cpp | diffblobblamehistory | |
| src/Imap/Model/ItemRoles.h | diffblobblamehistory |